[cabfpub] Final Minutes of CA/Browser Forum Meeting April 25, 2024
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Thu May 9 16:32:24 UTC 2024
These are the Final Minutes of the Teleconference described in the
subject of this message, prepared by Ryan Dickson (Google Chrome).
Attendees:Aaron Poulsen (Amazon Trust Services), Adam Jones (Microsoft),
Andrea Holland (VikingCloud), Ben Wilson (Mozilla), Bindi Davé
(DigiCert), Brianca Martin (Amazon), Chris Clements (Google Chrome),
Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI),
Dimitris Zacharopoulos (HARICA), Dong Wha Shin (MOIS), Doug Beattie
(GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-Trust),
Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Inigo Barreira
(Sectigo), Jaime Hablutzel (OISTE Foundation), Janet Hines
(VikingCloud), Jay Wilson (Sectigo), Johnny Reading (GoDaddy), Keshava
Nagaraju (eMudhra), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa
Telecom), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Mahua
Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg
(Sectigo), Michael Slaughter (Amazon Trust Services), Miguel Sanchez
(Google Trust Services), Mrugesh Chandarana (IdenTrust), Nargis Mannan
(VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang
(TrustAsia), Peter Miskovic (Disig), Rollin Yu (TrustAsia), Ryan Dickson
(Google Chrome), Scott Rea (eMudhra), Sissel Hoel (Buypass), Stephen
Davidson (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito (SECOM
Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com),
Tim Hollebeek (DigiCert), Trevoli Ponds-White (Amazon Trust Services),
Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US
Federal PKI Management Authority), Yashwanth TM (eMudhra)
CA/Browser Forum Agenda – 25 April 2024
1. Begin Recording - Roll Call
*
N/A - the call is already recording.
*
Dimitris greeted participants and opened the meeting.
2. Read note-well
*
Dimitris read the note-well.
3. Review of Agenda
*
Dimitris reviewed the agenda.
*
No additional agenda items were raised for discussion.
4. Approval of minutes from the March 28, 2024 Teleconference (minutes
were distributed 2024-04-19)
*
Dimitris made a call for objections, none voiced.
*
The draft minutes are considered approved.
5. Approval of minutes from the April 11, 2024 Teleconference (minutes
were distributed 2024-04-18)
*
Dimitris made a call for objections, none voiced.
*
The draft minutes are considered approved.
6. Server Certificate Working Group update (Inigo)
*
SCWG:
o
Inigo summarized the last SCWG call that took place immediately
prior to this call. Please refer to the SCWG minutes.
*
Validation Subcommittee updates:
o
Last week’s meeting focused on:
+
continued discussions re: EV automation improvement ballot.
The text is largely finalized. Globalsign is looking for
endorsers. If interested, please contact Eva directly.
+
continued discussions re: improvements to 3.2.2.4.7 (CA
assisted domain validation). Language finalized, formal
balloting process expected to begin shortly. Endorsers needed.
+
Wayne led discussion to allow use of the ACME dns-account-01
validation method. Next steps will progress once an updated
IETF draft is available to address open questions.
+
Discussion related to delegated third parties (DTPs) with
regard to domain validation. Tackled methods .19 and .20 and
outlined potential DTPs. Next meeting will focus on email
validation methods.
*
Other discussion:
o
Related to the SCWG, Dimitris was interested in learning more
about the PAG
+
Inigo described that Ben has been leading the PAG. A meeting
is planned for the following Monday, and Ben has prepared an
agenda to lead the group.
7. Code Signing Certificate Working Group update (Bruce)
*
No updates
8. S/MIME Certificate Working Group update (Stephen)
*
SMC-06 is in IPR review, ending May 11th.
o
Noteworthy deadline: 9/15/24 - changes validation requirements
for organizations.
o
General updates:
+
Long running discussion re: deprecation of legacy profiles.
Deprecation is forecasted for the middle of 2025. Stephen
encouraged CAs who foresee challenges with the transition
from the legacy profiles to participate in the S/MIME
Working Group.
+
Other updates are being discussed within the Working Group
to include consistency with the TLS BRs: logging
requirements, delegated DNS, and potentially
Multi-Perspective Issuance Corroboration.
9. Forum Infrastructure Subcommittee update (Jos)
*
No updates
10. NetSec Working Group update (Clint)
*
Clint shared the group met on Tuesday.
o
No final feedback or updates required related to NS-03 as a
result of the discussion period, ballot is now in the voting period.
o
Briefly spent time reviewing the Section 4 ballot (finalized,
ready to go into discussion, dependent upon NS-03 completing the
voting process).
o
Remainder of time was spent discussing items that the group
might shift focus to next (list of 10 or so items created, and
issues in GitHub that should be revisited). Time spent in the
subsequent meeting and at F2F will help set future course of action.
11. IPR update Subcommittee Charter (Ben)
*
Ben shared a revised charter has been prepared, with one endorser.
Dimitris will give a final review and likely will feel comfortable
endorsing.
12. Bylaws update preparation (Dimitris)
*
Dimitris shared screen, reviewed bylaws-related issues in GitHub
discussed at the last F2F meeting.
o
These items will guide subsequent updates to the bylaws.
o
Open <https://github.com/cabforum/forum/labels/bylaws>items:
+
Remove letters of intent for associate members
+
Standardize release cycles of Guidelines
+
Introduction of e-voting
o
Discussion on these issues and/or proposed updates are welcome.
13. F2F#62 agenda preparation (Dimitris)
*
Dimitris expects each WG to come up with its own agenda for the F2F.
*
Elements of the draft agenda need to be confirmed and finalized.
*
We need to prepare for the upcoming elections cycle.
o
We’ll use a new process, and this will be discussed at the F2F.
o
Each WG will still maintain its own nomination and voting
process (run through its list, or possibly through the e-voting
method)
14. Any Other Business
*
New Definitions and Glossary Working Group
o
There’s an open declaration for participation. If you want to
participate in the WG, declare it in the public list.
+
Dimitris assumes WG Chair/Vice-chair will work with the
Forum Infrastructure subcommittee to stand up email lists/etc.
*
Adriano shared final logistics re: F2F. If you have questions or
need help, email Adriano and Dimitris.
*
No other discussion.
15. Next call: May 9, 2024
16. Adjourn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20240509/c1a9c7c9/attachment-0001.html>
More information about the Public
mailing list